Support Questions
Find answers, ask questions, and share your expertise

NiFi Can't See AWS Profile

NiFi Can't See AWS Profile

New Contributor

I'm attempting to use ListS3 to access a bucket in S3 and I've set up an AWSCredentialsProviderControllerService. However, when I run this processor it returns with 




The security token included in the request is invalid (Service: AWSSecurityTokenService; Status Code: 403; Error Code: InvalidClientTokenId)




I can run from the aws cli without issue, and both the command line and NiFi are running the same user. I'm just stumped as to why it's failing on NiFi but not on the cli when I run as the nifi user. It seems like it can't see my profilename profile which is already configured with the region, the role_arn, and the credential_source. 

On the cli, I run 




aws s3 cp s3://bucket/path/to/file.file /path/to/dest --profile profilename




The configs for the Controller Service are 




Use Default Credentials: false
Access Key: No value set
Secret Key: No value set
Credentials File: No value set
Profile Name: profilename
Use Anonymous Credentials: false
Assume Role ARN: arn:aws:iam:00000000000:role/bucket
Assume Role Session Name: default
Session Time: 3600




I'm just not clear why this isn't working in NiFi but is working on the cli, and I'm at a loss as to how to fix it.